I have a WCF service on a dev server secured with an X.509 server certificate (.pfx) [not self-signed, organization provided] using message security.
On my local machine, a client app consumed it with a client certificate (.pfx) [not self-signed] file using message security. The intended operation (web service method) worked successfully with the required result.
Client service call:
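try
{
    // Proxy generated from the service reference
    ServiceClient.Service1Client obj = new ServiceClient.Service1Client();
    Response.Write(obj.Add(1, 1));
}
catch (Exception ex)
{
    // InnerException can be null; fall back to the outer exception
    Response.Write((ex.InnerException ?? ex).Message);
}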
Question:
As per https://blogs.msdn.microsoft.com/bradleycotier/2011/12/14/mutual-authentication-with-a-iis-hosted-wcf-data-service-installed-in-a-workgroup-environment/ which says:
In order for the client and service to successfully converse using certificates, the WCF client application must have access to the client’s private key and IIS (the receiving party) must have access to the client’s public key. Conversely, IIS must have access to the service private key and the client must have access to the service public key.
I haven't imported any public certificate .cer file of the server or client on either side (client or server) via MMC or as a file, so how come the operation is successful? It defies the logic shared in the article. In a multi-client scenario, if we intend to have a single client .pfx cert, how can we distribute it to all clients?
Your suggestions are valuable, so please share some.